github.com/containers/podman/v2@v2.2.2-0.20210501105131-c1e07d070c4c/pkg/bindings/test/auth_test.go

github.com/containers/podman/v2@v2.2.2-0.20210501105131-c1e07d070c4c/pkg/bindings/test/auth_test.go (about)

     1  package test_bindings
     2  
     3  import (
     4  	"io/ioutil"
     5  	"os"
     6  	"time"
     7  
     8  	"github.com/containers/common/pkg/auth"
     9  	"github.com/containers/image/v5/types"
    10  	podmanRegistry "github.com/containers/podman/v2/hack/podman-registry-go"
    11  	"github.com/containers/podman/v2/pkg/bindings/images"
    12  	"github.com/containers/podman/v2/pkg/domain/entities"
    13  	. "github.com/onsi/ginkgo"
    14  	. "github.com/onsi/gomega"
    15  	"github.com/onsi/gomega/gexec"
    16  )
    17  
    18  var _ = Describe("Podman images", func() {
    19  	var (
    20  		registry *podmanRegistry.Registry
    21  		bt       *bindingTest
    22  		s        *gexec.Session
    23  		err      error
    24  	)
    25  
    26  	BeforeEach(func() {
    27  		// Note: we need to start the registry **before** setting up
    28  		// the test. Otherwise, the registry is not reachable for
    29  		// currently unknown reasons.
    30  		registry, err = podmanRegistry.Start()
    31  		Expect(err).To(BeNil())
    32  
    33  		bt = newBindingTest()
    34  		bt.RestoreImagesFromCache()
    35  		s = bt.startAPIService()
    36  		time.Sleep(1 * time.Second)
    37  		err := bt.NewConnection()
    38  		Expect(err).To(BeNil())
    39  	})
    40  
    41  	AfterEach(func() {
    42  		s.Kill()
    43  		bt.cleanup()
    44  		registry.Stop()
    45  	})
    46  
    47  	// Test using credentials.
    48  	It("tag + push + pull (with credentials)", func() {
    49  
    50  		imageRep := "localhost:" + registry.Port + "/test"
    51  		imageTag := "latest"
    52  		imageRef := imageRep + ":" + imageTag
    53  
    54  		// Tag the alpine image and verify it has worked.
    55  		err = images.Tag(bt.conn, alpine.shortName, imageTag, imageRep)
    56  		Expect(err).To(BeNil())
    57  		_, err = images.GetImage(bt.conn, imageRef, nil)
    58  		Expect(err).To(BeNil())
    59  
    60  		// Now push the image.
    61  		pushOpts := entities.ImagePushOptions{
    62  			Username:      registry.User,
    63  			Password:      registry.Password,
    64  			SkipTLSVerify: types.OptionalBoolTrue,
    65  		}
    66  		err = images.Push(bt.conn, imageRef, imageRef, pushOpts)
    67  		Expect(err).To(BeNil())
    68  
    69  		// Now pull the image.
    70  		pullOpts := entities.ImagePullOptions{
    71  			Username:      registry.User,
    72  			Password:      registry.Password,
    73  			SkipTLSVerify: types.OptionalBoolTrue,
    74  		}
    75  		_, err = images.Pull(bt.conn, imageRef, pullOpts)
    76  		Expect(err).To(BeNil())
    77  	})
    78  
    79  	// Test using authfile.
    80  	It("tag + push + pull + search (with authfile)", func() {
    81  
    82  		imageRep := "localhost:" + registry.Port + "/test"
    83  		imageTag := "latest"
    84  		imageRef := imageRep + ":" + imageTag
    85  
    86  		// Create a temporary authentication file.
    87  		tmpFile, err := ioutil.TempFile("", "auth.json.")
    88  		Expect(err).To(BeNil())
    89  		_, err = tmpFile.Write([]byte{'{', '}'})
    90  		Expect(err).To(BeNil())
    91  		err = tmpFile.Close()
    92  		Expect(err).To(BeNil())
    93  
    94  		authFilePath := tmpFile.Name()
    95  
    96  		// Now login to a) test the credentials and to b) store them in
    97  		// the authfile for later use.
    98  		sys := types.SystemContext{
    99  			AuthFilePath:                authFilePath,
   100  			DockerInsecureSkipTLSVerify: types.OptionalBoolTrue,
   101  		}
   102  		loginOptions := auth.LoginOptions{
   103  			Username: registry.User,
   104  			Password: registry.Password,
   105  			AuthFile: authFilePath,
   106  			Stdin:    os.Stdin,
   107  			Stdout:   os.Stdout,
   108  		}
   109  		err = auth.Login(bt.conn, &sys, &loginOptions, []string{imageRep})
   110  		Expect(err).To(BeNil())
   111  
   112  		// Tag the alpine image and verify it has worked.
   113  		err = images.Tag(bt.conn, alpine.shortName, imageTag, imageRep)
   114  		Expect(err).To(BeNil())
   115  		_, err = images.GetImage(bt.conn, imageRef, nil)
   116  		Expect(err).To(BeNil())
   117  
   118  		// Now push the image.
   119  		pushOpts := entities.ImagePushOptions{
   120  			Authfile:      authFilePath,
   121  			SkipTLSVerify: types.OptionalBoolTrue,
   122  		}
   123  		err = images.Push(bt.conn, imageRef, imageRef, pushOpts)
   124  		Expect(err).To(BeNil())
   125  
   126  		// Now pull the image.
   127  		pullOpts := entities.ImagePullOptions{
   128  			Authfile:      authFilePath,
   129  			SkipTLSVerify: types.OptionalBoolTrue,
   130  		}
   131  		_, err = images.Pull(bt.conn, imageRef, pullOpts)
   132  		Expect(err).To(BeNil())
   133  
   134  		// Last, but not least, exercise search.
   135  		searchOptions := entities.ImageSearchOptions{
   136  			Authfile:      authFilePath,
   137  			SkipTLSVerify: types.OptionalBoolTrue,
   138  		}
   139  		_, err = images.Search(bt.conn, imageRef, searchOptions)
   140  		Expect(err).To(BeNil())
   141  	})
   142  
   143  })